CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/05/17 8:17 p.m.•5 views

SUSE-SU-2026:21804-1 Security update for go1.26

This update for go1.26 fixes the following issues Security issues: - CVE-2026-33811: net: crash when handling long CNAME response bsc1264508. - CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1264506. - CVE-2026-39817: cmd/go: "go tool pack" does...

7.5CVSS6AI score0.00054EPSS

Tenable Nessus•added 2026/05/16 12:0 a.m.•13 views

SUSE SLED15 / SLES15 Security Update : go1.25 (SUSE-SU-2026:1862-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1862-1 advisory. This update for go1.25 fixes the following issues Security issues: - CVE-2026-33811: net: crash when handling...

7.5CVSS5.9AI score0.00054EPSS

Exploits0References36

OSV•added 2026/05/14 10:33 p.m.•4 views

SUSE-SU-2026:1861-1 Security update for go1.26

7.5CVSS5.8AI score0.00054EPSS

OSV•added 2026/05/11 5:44 a.m.•5 views

BIT-GOLANG-2026-42501 Malicious module proxy can bypass checksum database in cmd/go

A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module proxy GOMODPROXY or checksum database GOSUMDB. A malicious module proxy can serve altered versions o...

SUSE CVE•added 2026/05/09 2:42 a.m.•7 views

Exploits0References5

SUSE CVE-2026-42501

Tenable Nessus•added 2026/05/08 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-42501

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation. This vulnerability affect...

7.5CVSS5.9AI score0.00008EPSS

EUVD•added 2026/05/07 9:30 p.m.•5 views

EUVD-2026-28433

5.8AI score0.00008EPSS

Exploits0References5

OSV•added 2026/05/07 8:16 p.m.•5 views

DEBIAN-CVE-2026-42501

NVD•added 2026/05/07 8:16 p.m.•6 views

Exploits0References1

CVE-2026-42501

7.5CVSS0.00008EPSS

Exploits0References4

OSV•added 2026/05/07 8:16 p.m.•2 views

UBUNTU-CVE-2026-42501

UbuntuCve•added 2026/05/07 8:16 p.m.•4 views

Exploits0References8

CVE-2026-42501

ATTACKERKB•added 2026/05/07 7:41 p.m.•7 views

Exploits0References7

CVE-2026-42501

5.8AI score0.00008EPSS

Exploits0References5Affected Software1

CVE•added 2026/05/07 7:41 p.m.•15 views

CVE-2026-42501

CVE-2026-42501 affects the Go toolchain download path via untrusted module proxies (GOMODPROXY) or checksum databases (GOSUMDB). The flaw allows a malicious module proxy to bypass checksum database validation when the Go toolchain is downloaded/selected (via GOTOOLCHAIN, go.work, or go.mod toolch...

Exploits0References4Affected Software1

Debian CVE•added 2026/05/07 7:41 p.m.•5 views

CVE-2026-42501

Vulnrichment•added 2026/05/07 7:41 p.m.•7 views

Exploits0

CVE-2026-42501 Malicious module proxy can bypass checksum database in cmd/go

5.8AI score0.00008EPSS

Exploits0References4

AlpineLinux•added 2026/05/07 7:41 p.m.•7 views

CVE-2026-42501

Snyk•added 2026/05/07 7:21 p.m.•5 views

Exploits0

Resources Downloaded over Insecure Protocol

Overview Affected versions of this package are vulnerable to Resources Downloaded over Insecure Protocol. Go Vulnerability Report: A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation. This vulnerability affects any...

OSV•added 2026/05/07 7:21 p.m.•6 views

GO-2026-4984 Malicious module proxy can bypass checksum database in cmd/go

Positive Technologies•added 2026/05/07 12:0 a.m.•4 views

PT-2026-38570

Name of the Vulnerable Software and Affected Versions Go affected versions not specified Description A flaw in the go command's validation of module checksums allows a malicious module proxy to bypass checksum database validation. This occurs when the checksum database returns a successful respon...

7.5CVSS5.9AI score0.00008EPSS